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Abstract — With the rapid growth and usability of cloud 
computing, users can accomplish a successful and prudent 
approach for data sharing among group members in the cloud 
with the characters of low support and little management cost. 
In the interim, we should give security assurance for the 
information documents being shared since they are outsourced. 
Unfortunately, in the groups that have persistent changes in 
their memberships, sharing information with high level of 
security protection is a very critical issue to be considered, 
particularly for an un-confided cloud due to the collusion 
attacks. Additionally, for existing plans, the security of key 
conveyance is based on the secure communication channel, in 
any case, to have such channel could be a solid assumption and is 
troublesome process. This paper proposes an efficient and 
secure way for key distribution where the users can securely 
obtain their private keys from group manager along with 
collusion protection. 

Index Terms — Cloud computing, Group, Group key, Key 
protocols, KGC, Security. 


I. INTRODUCTION 

Due to security issues in cloud computing, we need secure 
protocols to implement group oriented applications. A Group 
Key protocol [1] is a protocol; where two or more members 
agrees on a key in such a way that both can influence the 
result. If it is properly done, this avoids undesired actions on 
the third parties. These protocols are useful in real-time, also 
do not reveal the key on which the third parties are agreed. 

In most of the key exchanging systems, one party will 
generate the key and sends to other parties and these parties 
will not influence the key. Using this group key protocol 
avoids the key distribution problems in the key exchanging 
systems. If protocols are implemented with forward 
confidentiality then both parties influence the key. Group 
applications have widely spread in the last few years. They 
allow group members to work on common resources or 
platforms. Group communication may be a text, audio or 
video conference etc. Multiple users may access the 
application at a time 

Secure message transfer is very important in group 
communications. Group of authorized members can 
communicate by using secret key sharing [2] method. To 
provide data privacy, an effective method is required to all 
group members to generate a common secret key. Data 
confidentiality is very important in group communication. 

To provide a secure group communication, it is necessary 
to manage keys in the secure way for creating, updating and 
distribution of those keys. Before exchanging the confidential 
data, the protocol has to distribute the group key to all the 
members securely and efficiently. The most common method 
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used for achieving group communication in a secure way is by 
implementing encryption techniques [3]. 

The most used key agreement protocol in the existing work 
is Diffie Heilman key agreement protocol. However, the 
Diffie Heilman algorithm is limited to provide secret key only 
for two entities, it is not preferable if the group contains more 
members. If there are more members in the group, more time 
is required to distribute the key. Hence it is necessary to avoid 
this type of problem in group communication. 

II. RELATED WORK 

Many Group Key Agreement protocols have been proposed 
in literature, most being derived from the two-party 
Diffie-Hellman (DH) key agreement protocol. While some 
are secure against passive attacks, others do not have a strong 
security proof. A security proof shows how an attack on a 
protocol can solve the problem under some strong 
assumptions. This type of well-defined model of security 
protocols were first designed by Bresson et al [4]. 

Yung et al, proposed the first provably-secure constant 
round Group Key Agreement protocol inspired from the 
works of Burmester et al. In the same work, they also 
proposed a scalable compiler to transform a Group Key 
Agreement protocol which is secure against passive attacks, 
into one which is secure against active attacks. Boyd et al. 
proposed an efficient constant round protocol where the bulk 
of the computation is done by one member. 

There are many security issues associated with the cloud 
computing. These can be categorized as issues faced by the 
cloud providers and issues face by the cloud customers. Both 
providers and customers are responsible for these issues. The 
provider must ensure that their infrastructure is securely 
managed and customer’s data is protected. The customers 
must make sure that their passwords are safe regarding 
authentication. 

When third parties want to store their personal data in public 
cloud, they lost their physical access to cloud servers hosting 
their data. This lead the sensitive and confidential data to be at 
the risk of insider attacks. According to cloud security 
surveys, these types of attacks are greatest threat to cloud 
computing. So, the organization must background check their 
employees who has physical access to data centers. And also, 
data centers must frequently monitor for suspicious attacks. 

III. ANALYSIS of Wu et al. Group Key Protocol in 
Cloud 

Wu et al [5], introduces necessary background interpolation 
method used to build parts of the proposed protocols. The aim 
of the polynomial interpolation method is to reconstruct the 
unknown function f by seeking the polynomial p n whose 
graphs is in (x,y) plane through the points (Xi,f(Xi)), i=0,.n. 
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Lagrange’s Interpolation Formula [6] 

For n + 1 support points (x i? fj), i = 0...n there is a polynomial 
P n (x), degrees do not exceed n, with P n (xi) = f i5 i = 0,..., n. We 
will construct the interpolating polynomial P n (x) explicitly as 
following equation: 
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Newton’s Interpolation Formula 

Newton’s Interpolation Formula adopts divided differences 
to construct 
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additional n points Pi = (i, f(i)) for i = 0, . . n-1, and 

authentication message Auth = h 2 (k, U0, . . Un-1, R0, . . 

Rn-1, P0, . . Pn-1). Finally, KGC broadcasts Auth and 

{Pi} n— 1 i=0. 


4. Each member Ui reconstruct f(x) with his shared secret 
(xi, yi ©hl(xi, yi,Ri)) and the broadcasted messages {Pi}n— 1 
i=0, recovers k = f(0). Next, Ui authenticates k with Auth. 

B. Group Key Transfer Scheme in Cloud Computing 

In cloud computing, the above protocol is infeasible, 
because KGC and group members are weaker than 
computationally powerful players, hence they cannot fulfill 
their individual calculation. In some environment, network 
bandwidth is not as important as group members’ 
computational power. 
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Table 1: Divided Difference Scheme 

we can calculate divided differences. And with the 
descending diagonal of the divided difference scheme, the 
coefficients fioii.jk can be calculated, the interpolation 
problem with the Newton’s interpolation formula is solved by 

Pn(x) = /o + foi(x - Xo) -f * * • 

+ /oi...n(z - *o)(* - Xi) .. . (x - In-l). (3) 


In order to distribute a common key from KGC to each 
group member in cloud computing, asking cloud servers for 
computing interpolated polynomial provides an avenue for 
them to come up with a common secret key, i.e., KGC and 
group members outsource interpolation computation to cloud 
servers. However, this protocol cannot directly be executed in 
cloud computing, because both KGC and group members do 
not hope that the sensitive information is leaked to the public 
cloud servers. 

System initialization: 

Key Generation Center randomly selects two safe primes p 
and q, such a way that p and q are primes such that p=(p-l)/2 
and q=(q-l)/2 are also primes and computes N=pq. N is 
publicly known. KGC chooses two safe hash functions hl(x) 
and h2(x) and made publicly known. 


A. Authenticated Group Key Transfer Protocol Based on 

Secret Sharing 

The scheme gets key confidentiality from the security 
feature of Shamir’s secret key sharing [7] and hash functions. 
It provides key authentication by providing a single 
authentication message. Next, the scheme handles both 
insider and outsider attacks. This protocol has two parts, pre¬ 
distributing phase and distributing phase. 

Pre-distributing phase: 

Key Generations Center (KGC) publishes N = pq where p 
and q are cryptographic primes, and publishes secure hash 
functions hl(x) and h2(x). Then, each member Ui registers at 
KGC, and shares his long-term secret (xi, yi) with KGC in a 
secure manner. 

Distributing phase: 

1. The initiator sends key sharing request to KGC with a list 
as {U0, UI, U2,. . . Un-1}, KGC broadcasts it. 

2. Each member Ui(0 < i < n - 1) broadcasts a random 
challenge Ri E Z N to KGC as a response. 

3. KGC randomly selects a group key k, and generates an 
interpolated polynomial f(x) with degree n to pass through 
(n+1) points, (0, k) and (x i? y { hl(x i? y h Rd) (0 < i < n - 1), 
where x y denotes (x + y)(mod N). Then, KGC computes 


User registration: 

All Group members must register at KGC to get keys while 
key distribution. During registration, KGC shares a secret key 
with members. 

Key distribution: 

This phase constitutes the core of the protocol and is 
performed whenever a group of users {U0,..., Un-1} decide 
to establish a common session key. We will first introduce the 
completed key distribution procedure, and then individually 
introduce some core algorithms of the key distribution. 

IV. ANALYSIS OF ARUNA ET AL. GROUP KEY PROTOCOL IN 
Cloud 

The goals of Aruna et al [8] group key protocol are key 
authentication and key freshness. For the proper group 
communication, we should ensure the key freshness and a key 
cannot be reused. If KGC distribute the same key again, it 
damages the group communication. Key confidentiality is 
ensured by an authorized group member. The authorized key 
distribution is done by the KGC not by any intruder. 

This protocol protects the information broadcasted from 
KGC to group members. In this protocol the service request 
and challenge messages are not authenticated. An intruder can 
try get group key service like a group member. Intruder can 
also modify the information transmitted from usei^to KGC. 
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Aruna et al, have proven that none of the inside and outside 
attacks can successfully attack the authorized group members 
because the attackers cannot get the group key. 

V. PROTOCOL DESIGN 

In Aruna et al protocol has three phases same as wu et al 
group key protocol. 

i. Initialization of KGC 

ii. User Registration 

iii. Group Key Generation and Distribution 

Aruna et al, have proved the security goals mention in their 
protocol against the insider and outsider attacks. The two 
types of attacks are insider and outsider. The outsider attacker 
can try get some information by sending a request to KGC 
acting as a group member. In security analysis, Aruna et al 
show that the outside attacker gains nothing, because the 
attacker cannot recover the group key, because they could not 
gain the individual factors of the composite number used by 
the KGC and the prime number difference are alone known 
from the Vandermonde’s determinant evaluation which are 
the public information available to the outsiders. The 
individual keys are generated under cyclic permutation and 
cyclic code representation, getting information may not help 
decoding permutation and cyclic code radix. 

VI. PERFORMANCE ANALYSIS 

In Wu et al group key transfer protocol, KGC side time 
consumption is, key distribution encryption 1 takes O(n) and 
key distribution encryption2 takes 0(n 2 ). The group member 
side time consumption is O(n). Server-side time consumption 
is 0(n 2 ). 

More specifically, the overall time cost is 0(n 2 ) for the 
KGC, 0(n 2 ) for the cloud server CS1, 0(n 2 ) for the cloud 
server CS2 and O(n) for each group member. However, 
according to the original scheme, KGC takes time 0(n 3 ) to 
adopt the Lagrange’s interpolation formula and takes time 
0(n 2 ) to adopt the Newton’s Interpolation Formula; for each 
group member, it will take time 0(n 2 ) no matter using the 
Lagrange’s interpolation formula or the Newton’s 
interpolation formula. 

In Aruna et al protocol, each user will get a secret while 
registering at KGC. Adding/removing any user does not need 
to update any existing shared secret. But distributing group 
key involving t group members, KGC has to broadcast t+1 
elements to all the group members. To decrypt the secret key 
each member needs to compute a t degree polynomial f(x). 
This proposed protocol suitable for distributing group key 
only to the group with less number of group members. 

VII. CONCLUSION 

In this paper, we analyzed Wu et al protocol and Aruna et al 
protocol. In both protocols, KGC is the trusted third party 
used to generate and distribute keys. For rekeying and 
distributing keys both protocols used interpolation formulas 
and secret key sharing schemes. Both protocols guarantee the 
confidentiality of authentication, correctness and efficiency. 


Wu et al protocol gains more performance gain in key 
generation and key distribution. Aruna et al protocol assumes 
that KGC is a mutually trusted entity, so the protocol only 
concentrates on the group information. This protocol works 
better with the small size group. If the group is large, then 
centralized group distribution protocols have to use. 
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